Effective Date: 30 December 2024
Defense Support Contracting L.L.C. (“DSC”, “we”, “our”, or “us”) is committed to ensuring the confidentiality, integrity, and availability of all data and information systems under its control. This Data Security / Cybersecurity Policy outlines the principles, responsibilities, and measures we implement to protect our digital assets, client information, and operational systems.
1. Purpose
The purpose of this policy is to safeguard DSC’s information systems, networks, and digital assets; protect sensitive client, partner, and employee data from unauthorized access, disclosure, alteration, or destruction; and ensure compliance with applicable legal, regulatory, and contractual cybersecurity requirements.
2. Scope
This policy applies to all DSC employees, contractors, consultants, and third-party service providers with access to DSC systems; all information systems, networks, devices, and applications owned, managed, or used by DSC; and all data stored, processed, or transmitted through DSC systems.
3. Key Principles
Confidentiality: Access to data is granted strictly on a need-to-know basis. Sensitive information is encrypted during storage and transmission where applicable.
Integrity: Data must be accurate, complete, and protected from unauthorized alteration. Regular audits and monitoring ensure the integrity of information systems.
Availability: Systems and data should be accessible to authorized users when needed. Backup and disaster recovery procedures are in place to ensure business continuity.
Accountability: All users of DSC systems are responsible for complying with security policies and reporting potential threats.
4. Security Measures
Access controls include unique user accounts, strong passwords, and multi-factor authentication. Network security is ensured through firewalls, intrusion detection/prevention systems, and secure VPN access. Endpoint protection includes anti-virus software, patch management, and device encryption. Sensitive data is encrypted at rest and in transit. System activities are monitored to detect suspicious behavior. Procedures exist for identifying, containing, and mitigating cybersecurity incidents. Employees receive ongoing cybersecurity training and awareness updates.
5. Third-Party & Vendor Security
All third-party service providers must comply with DSC’s security standards. Vendor access to systems or data requires formal agreements, including data protection obligations.
6. Reporting & Incident Management
Employees and partners must report actual or suspected security breaches immediately to the DSC IT/security team at info@defensesupportllc.com. DSC investigates all incidents and takes appropriate corrective measures.
7. Policy Review
This policy is reviewed and updated at least annually or whenever significant technological, operational, or regulatory changes occur.
8. Contact Information
For questions regarding this Data Security / Cybersecurity Policy: Email: info@defensesupportllc.com Phone: +971‑4‑770‑0871